Rybbon is now BHN Rewards
Learn more

SOC 2 Compliance

Rybbon has completed its SOC 2® Type 2 examination. We can provide SOC 2® Type 2 reports and attestations of compliance upon request. Rybbon has designed, implemented, and operated its system of controls to meet its service commitments based on the Trust Services Criteria for Security, Availability, Processing Integrity, Confidentiality and Privacy.


GDPR and CCPA Compliance

Rybbon recognizes the sensitivity of your personal data. We take holistic security measures to ensure both GDPR and CCPA compliance.


HIPAA Compliance

Rybbon can support rewards programs that need to be HIPAA compliant. Rybbon has a standard Business Associate Addendum (BAA) we present to customers for signature. It takes into account the services Rybbon provides.


Third-Party Sub-Processors

Rybbon uses third-party sub-processors to provide various business functions after due diligence to evaluate their defensive posture and executes an agreement requiring each Sub Processor to maintain acceptable security practices.


Physical Security

Rybbon employs AWS, the market leader in cloud services to host its services. Rybbon leverages the functionalities provided by AWS to build a highly scalable, secure and reliable platform. Rybbon employs serverless technologies administered by AWS, eliminating the need for Rybbon to manage and secure servers. The serverless technologies allow Rybbon to scale seamlessly to handle millions of customers

Secure Platform